Table of Content
- Worst Hit States by Ransomware Attacks on US Businesses in 2020
- Map Showing the Number of Records Affected by Ransomware Attacks on US Businesses
- How Much Cost Did the US Businesses Bear for Ransomware Attack?
- Ransomware Attacks on US Businesses Resulted in Major Downtime
- Main Insights Drawn From Ransomware Attacks That Affected US Businesses
- Detailed Table Describing Ransomware Attacks on US Businesses
Ransomware Attacks on US – Mainstream Businesses Affected Badly
Over the last few years, businesses are facing ransomware attacks and these are increasing at an exponential rate. Considering global cases, approximately 185 ransomware attacks on US businesses were seen in the year 2020 alone (nearly a 245% increase from the previous year). It cost businesses almost $21 billion, consequently, it deeply impacted business revenue and customers’ trust.
A study revealed that on average businesses lost 9 days to downtime and around two and a half months to investigation and recovery. Also, it has come to light that many cyber criminals unleash double-extortion attacks that steal data from a system prior to encrypting it. In 2020, over 7 million individual records had been impacted.
Ransomware attacks affected businesses in many ways. It took down key systems, disrupt operations, and even some businesses had to close down their doors permanently.
Researches show that in the first half of the year 2021, nearly 91 different ransomware attacks affected over 22 million individual records. It’s comparatively three times the number of records impacted in 2020.
So, dig deeper and analyze the true cost of ransomware attacks on US businesses, the pattern of ransomware threats over the last few years, and more.
Note: The discussed facts and figures are taken from ‘Comperitech’, in case there is any change we’ll update the same in the future.
Worst Hit States by Ransomware Attacks on US Businesses in 2020
From the below map, it’s clear that the most populated city, California, was also the worst hit by ransomware attacks. Around 25 businesses in the city were affected followed by 16 in New York City. And, the list goes on. Other than California (25) and New York City (16), Illinois (13), Florida (12), Massachusetts (11), Georgia (7), Ohio (7), and more.
Map Showing the Number of Records Affected by Ransomware Attacks on US Businesses
The most severely affected state changes depending on how many records were impacted by the ransomware attacks on these companies. However, it is important to keep in mind that a firm may have more records affected than just those in its home state. The figure shown below is based on the number of records that are assigned according to the headquarters’ state.
From the previous section, we got to know that Illinois was the third-highest in terms of the number of ransomware attacks. However, if you consider the total number of records compromised (around 2.8 million) then it tops the list.
Out of 2.8 million records, 2.79m were from the international insurance broker Arthur J. Gallagher & Co. Since it failed to inform the customers about their data being stolen, the company had to face legal consequences.
Apart from Illinois, Minnesota was there in second place with 1,454,413 records affected followed by Utah with 761,409 records.
Let’s see the financial impact of ransomware attacks on US businesses.
How Much Cost Did the US Businesses Bear for Ransomware Attack?
Reasonably, organizations usually don’t disclose the ransom amount whether paid or unpaid to avoid further misuse of the information. Only a few providers made the financial figures public. From that, it’s clear that ransom demands vary from $500,000 to $21 million (Data is approximated by considering 11 out of 186 ransomware attacks).
Businesses That Paid Ransom to Hackers:
- Garmin’s US subsidiary company was under a ransomware attack and it paid around $10 million to free its systems.
- Travel firm CWT’s around 30,000 computers were compromised and as a ransom, the company had to pay $4.5 million.
- Nearly 1.5 million records of NetGain technology were affected due to a ransomware attack. The company paid $2.3 million in exchange for decryption keys.
- Communications and Power industries’ all computers and on-site backups were infiltrated by hackers. The company paid a $500,000 ransom and despite paying the ransom, the business was not running at full capacity nearly after two months.
Ransomware Attacks on US Businesses Resulted in Major Downtime
Don’t get confused about downtime with the investigation period. Cause downtime relates to businesses being largely unavailable. While the investigation period refers to the time taken by the business to look into the attack, find out the impact, and which systems or data were affected.
Usually, the investigation period is longer than the downtime. The recent Rackspace Ransomware Attack is the biggest example of the same. However, businesses suffered an average downtime of 9 days whereas the average investigation period lasted 58 days.
Overall, ransomware attacks caused 340 days of downtime and 4,414 days of investigation throughout 2020.
If you are curious to know what was the cost of ransomware attacks on US businesses due to downtime then have a look at the below figure and map.
From the above figure, it’s clear that California was the worst affected state. Businesses in this state lost nearly $3.07 billion to ransomware attacks. The figures may seem large but some of the well-established companies revealed the ransom amount caused damage to their revenues. Such as Cognizant lost $50-$70 million, Forward Air Corporation had to pay $7.5 million, and Steelcase confirmed that it had to delay shipments worth $60 million due to a ransomware attack.
Main Insights Drawn From Ransomware Attacks That Affected US Businesses
The data given below is based on the ransomware attacks that happened from 2018 to 2021.
- There have been 356 distinct ransomware attacks against corporations.
- Due to these attacks, about 30 million records have been stolen, lost, or impacted.
- According to estimates, ransomware attacks have caused 3,491 days of business interruption and nearly 22,300 days of post-attack investigations.
- 14 companies disclosed the costs associated with their recovery attempts, with these firms spending a total of nearly $161.5 million. This averages up to more than $11.5 million.
- The range of ransom demands was $5,500 to $40 million.
- At least $80 million in ransom payments have been made to hackers.
- Ransom payments have been demanded from hackers for at least $159 million, with the average demand being $6.4 million.
- With potential recovery expenses increasing the amount by millions (if not billions), we estimate that downtime has cost firms about $43.5 billion.
Detailed Table Describing Ransomware Attacks on US Businesses
Refer to the below table that gives a clear and detailed picture of the number of attacks, records affected, and cost of downtime through the past couple of years.
|State||State Population||# of Attacks – 2018||# of Records Affected – 2018||Estimated Downtime – 2018 (Days)||Estimated $ Cost of Downtime – 2018||# of Attacks – 2019||# of Records Affected – 2019||Estimated Downtime – 2019 (Days)||Estimated $ Cost of Downtime – 2019||# of Attacks – 2020||# of Records Affected – 2020||Estimated Downtime – 2020 (Days)||Estimated $ Cost of Downtime – 2020||# of Attacks – 2021||# of Records Affected – 2021||Estimated Downtime – 2021 (Days)||Estimated $ Cost of Downtime – 2021||TOTAL Attacks||TOTAL Records Affected||TOTAL Estimated $ Cost of Downtime|
|District of Columbia||705,749||0||0||0||0||0||0||0||0||1||0||3||37.42M||1||0||10||120.99M||2||0||158.41M|
[Table Reference: Comparitech]
The study on Ransomware attacks on US businesses shows that the target for these attackers was mostly businesses and healthcare organizations. After the pandemic, being under an increased amount of pressure, healthcare organizations and businesses tried to keep up so that their patients & clients respectively won’t face any trouble. With more employees working from home, networks and systems were left vulnerable which become a far easier target for attacks.
What’s done can’t be undone but to prevent future ransomware attacks, organizations need to take serious security measures. They can connect with professionals for Managed Cybersecurity Services. By this, they can not only mitigate the probable ransomware attacks but also save themselves from the financial impacts of ransomware attacks on businesses. Consult with our Cyber Experts now!